<!--
Computer Science Course 531 - Introduction to Software Engineering
Olive Insurance Client Management System (Client Database Access)
Version 1.0 (Base System)
Spring 2011

-- Source Code Details --
Page Tile: mainPage.php
Created By: David Gonzalez, Computer Science (Undergraduate)
Documented By: Darrius Serrant, Computer Science (Undergraduate)
Purpose: User interface that provides users access to the entire application through
         basic username/password authentication.

Status: Completed. All functionality has been implemented. User interface changes now pending.
-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<?php

 /*
  *  PHP Documentation: Handles POST request transmitted from the current page; connect to the
  *  database and validate authentication information. If valid, permit user into the application.
  */
require_once ('connectvars.php');
session_start();
$error_msg = "";

if(!isset ($_SESSION['user_name'])){
    if(isset ($_POST['submit'])){
        $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);

        $username = mysqli_real_escape_string($dbc,trim($_POST['username']));
        $password = mysqli_real_escape_string($dbc,trim($_POST['password']));

        if(!empty ($username) && !empty ($password)){
            $query = "SELECT Username FROM agent WHERE Username = '$username' AND " .
            "password = SHA('$password')";
            $data = mysqli_query($dbc, $query);

            if(mysqli_num_rows($data) == 1){
                $row = mysqli_fetch_array($data);
                $_SESSION['user_name'] = $row['Username'];
                header('Location: http://localhost:8888/PHP3/signIn.php');
            }
            else{
                $error_msg = 'Sorry :(';
            }
        }
        else{
            $error_msg = 'Sorry :{';
        }
    }
}
?>

<html>
    <head>
        <title>Log In:</title>
    </head>
    <body>
        <h3>Log In:</h3>
        <?php
         /*
          *  PHP Documentation: Outputs error message given the presence of the "user_name" attribute
          *  value in the SESSION cookie.
          */
        if(empty($_SESSION['user_name'])){
            echo $error_msg;
            ?>
        <form method="post" action="signIn.php">
            <label for ="username">UserName:</label>
            <input type ="text" id="username" name ="username"/> <br/>
            <label for ="password">Password:</label>
            <input type ="password" id ="password" name ="password"/>
            <input type ="submit" value="Log In" name ="submit" />
        </form>
        <?php
        }
        else{
         /*
          *  PHP Documentation: Displays login confirmation message upon valid user authentication,
          *  and transfers the user to the home page.
          *
          */
            echo 'You are Logged In :) <br>';
            header('Refresh: 2; http://localhost:8888/PHP3/mainPage.php');
            echo 'You will be transfered to main page...';

        }
        ?>
    </body>
</html>